Security News
Cybersecurity firm Qualys said today that the attackers who breached its Accellion FTA server didn't infiltrate the company's production and corporate environments. "Qualys also noted that the investigation found that the company's"existing security rules would not have allowed any such access between the Accellion FTA server and Qualys' corporate and production environment.
Enterprise cloud security firm Qualys has become the latest victim to join a long list of entities to have suffered a data breach after zero-day vulnerabilities in its Accellion File Transfer Appliance server were exploited to steal sensitive business documents. As proof of access to the data, the cybercriminals behind the recent hacks targeting Accellion FTA servers have shared screenshots of files belonging to the company's customers on a publicly accessible data leak website operated by the CLOP ransomware gang.
Initially, the website would list data exfiltrated during ransomware attacks, but as of late it has been flooded with data stolen from various organizations that were relying on the Accellion FTA file transfer software. "The exploited vulnerabilities were of critical severity because they were subject to exploitation via unauthenticated remote code execution," Accellion noted in a report detailing Mandiant's investigation into the incident.
Files appearing to originate from Qualys were dumped online this afternoon on the Tor blog of the Clop criminal extortionists. Ransomware gang specialist Brett Callow, of infosec biz Emsisoft, told The Register: "Entities that have had dealings with Qualys should be on high alert."
Cybersecurity firm Qualys is likely the latest victim to have suffered a data breach after a zero-day vulnerability in their Accellion FTA server was exploited to steal hosted files. Yesterday, the Clop ransomware gang posted screenshots of files allegedly belonging to the cybersecurity firm Qualys.
Cybersecurity firm Qualys is likely the latest victim to have suffered a data breach after a zero-day vulnerability in their Accellion FTA server was exploited to steal hosted files. Yesterday, the Clop ransomware gang posted screenshots of files allegedly belonging to the cybersecurity firm Qualys.
Qualys announced it is expanding Qualys VMDR to mobile devices with support for Android and iOS/iPadOS delivering an end-to-end solution for mobile device security. Qualys' all-in-one VMDR provides in-depth mobile device visibility, data security insights, proactive posture monitoring, and automated response for all iOS and Android devices and installed apps - just like VMDR does for on premises, endpoints, clouds, containers, OT and IoT assets.
Qualys announced the establishment of a new Cloud Platform in the UAE. With nine locations across the globe, Qualys is expanding its highly scalable Cloud Platform that powers Qualys' suite of integrated IT, security, and compliance cloud apps including its latest VMDR and Multi-Vector EDR solutions. Uniquely, the Qualys Cloud Platform provides real-time visibility across the entire hybrid environment from on premises, endpoints, mobile, containers, cloud(s) and OT and IoT environments via an array of sensors and connectors that bring the telemetry required to provide continuous 2-second visibility across all IT assets.
Qualys announced that Armor is integrating the Qualys CloudView app, which includes Cloud Inventory and Cloud Security Assessment, into Armor Anywhere, a cloud security platform. Armor Anywhere with Cloud Security Posture Management lets clients continuously inventory and assess the security and compliance of their public cloud services as per industry standard benchmarks and regulatory mandates.
Qualys announced it has worked with Google Cloud to provide out-of-the-box support for Google Cloud Artifact Registry for its Container Security solution. Qualys Container Security scanning will assess all images for software inventory, vulnerabilities and misconfigurations, and provide a unified view across multiple Google Cloud regions.